Catalin Farcas
Catalin Farcas

Reputation: 655

Validation Controller inside CMS in Silverstripe

At the moment i have a LeftAndMain section named 'Applications' which contains a form with a password field: LeftAndMain content section

The code for this is:

class Applications extends LeftAndMain {
    static $url_segment = 'applications';
    static $menu_title = 'Applications';
    static $url_rule = '$Action/$ID';

    public function init(){
        parent::init();
    }

    public function getEditForm($id = null, $fields = null) {
        $fields = new FieldList(
            TextField::create('Password', ' Password')
        );
        $actions = new FieldList(new FormAction('applicationPassword'));
        return new Form($this, "EditForm", $fields, $actions);
    }

    public function applicationPassword($data, Form $form){
        $form->sessionMessage('Correct password. I will redirect you to manage your model', 'success');
        return $this->redirectBack();
    }
}

When submiting this form, the action function should validate if it's equaly with something (in my case, it's a key to decrypt data from a database) and then redirect/show the Gridfield.

The second point is a ModelAdmin, where i can manage the data (that are comming from that database) through GridField. Managing data from a model

The code for this is:

class Applications2 extends ModelAdmin {
    static $url_segment = 'applications2';
    static $menu_title = 'Applications2';

    private static $managed_models = array(
        'SecureFormInput'
    );
}

And here is my question: is it possible to do this ? Any suggestions/help becouse i tried for while and no result.

Upvotes: 0

Views: 343

Answers (1)

theruss
theruss

Reputation: 1746

I'm finding it really hard to figure out what you're really trying to do.

Here are a few things that I can see that might still help you though:

  1. You wouldn't usually extend LeftAndMain directly. 99% of the time, developers are building admin-screens or areas, in which a single or multiple model(s) (DataObject subclasses) are managed.
  2. In your Applications class you have no $allowed_actions static. You need this to have at least a single value: 'applicationPassword' in order to tell SilverStripe which are the legitimate actions this controller can perform.
  3. Again, depending on what you're trying to do, you would usually password protect a CMS admin area using the SilverStripe CMS' standard permissions system (See the "Security" menu item). Notice you can authorise users or groups on some admin screens. If this is what you're trying to do for your various custom controllers, you should ensure your controller declares a canView() method. Again see LeftAndMain.php for examples.
  4. Validation is usually done at a model level. E.g. you have a DataObject subclass which you want to manage from within a ModelAdmin. In which case you define a method called validate() on your DataObject subclass. When editing / creating new instances of this model from within your ModelAdmin, the CMS knows to run your validate() method, if it finds one on your model.
  5. When you say "It isn't working" we really need to know "in what way?" e.g. Do you see an error message, do you not see something you should, if so what etc etc

If none of these points help, what would really help others help you, is if you re-wrote your question something like this:

"I am trying to password protect a custom CMS administration screen. I have a model MyModel with the following class definition (screenshot or code), and a ModelAdmin (screenshot or code). The code should show an error message of the password is bad (a bad password is one that doesn't match one in the database, or doesn't follow a specific format etc etc) or a success message of the password matched a DB entry or did follow a specific pattern or format."

Good luck :-)

Upvotes: 1

Related Questions